0xrawsec / whids

Open Source EDR for Windows
https://rawsec.lu
GNU Affero General Public License v3.0
1.14k stars 138 forks

Update ProcessAccess hook #112

Closed qjerome closed 2 years ago

qjerome commented 2 years ago

New Sysmon fields